General
Target: 8ec044c6b5d05930f7810a1799607e89_JaffaCakes118
Size: 873KB
Sample: 241104-c8ezja1gqa
MD5: 8ec044c6b5d05930f7810a1799607e89
SHA1: df8b7e455e29127b3d45c792755f844c0e82b685
SHA256: 8f494568efe369de564e37eebcfa978d92f7ec8256f9aae4d84571f6c1650c68
SHA512: effb3ffe31ad2dd6a163ec4ac14e973a5858770c095d6a0db749dc8a8b1458d74b575c9e58fe7c6ba5a195140522d3144c1c25d84d39855c09303d5a82c0ad8a
SSDEEP: 24576:/ikdkv9G2LoFNGv4bMrqKCaw5tPbqee5R0a+jE6l6snc2thS:/3dkvA2M+SkqKneeijfpciS
Static task: static1
Behavioral task: behavioral1
Sample: 8ec044c6b5d05930f7810a1799607e89_JaffaCakes118.exe
Resource: win7-20241010-en
Behavioral task: behavioral2
Sample: 8ec044c6b5d05930f7810a1799607e89_JaffaCakes118.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 8ec044c6b5d05930f7810a1799607e89_JaffaCakes118
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.